Hello! A few days ago, my Eee PC laptop was unfortunately infected with the Microsoft Security Suite malware. I was able to install and run Malwarebytes in Safe Mode Networking, and that got rid of 90% of the problems. However, there are still a couple of strange things going on, such as the fact that my virus protection (Microsoft Security Essentials) isn't able to run updates, and my Windows Update also doesn't seem able to run. After consulting with some kind people in another thread on this site, I was advised to follow the 8-step procedure, which I just did. I was hoping that if I post the logs here, someone could take a look and tell me what else might need to be done. The logs were too long to paste so I've attached them. Thank you very much!

Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

Double click combofix.exe & follow the prompts.

When finished, it will produce a log. Please save that log to post in your next reply.

Re-enable all the programs that were disabled during the running of ComboFix.

Note: Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Thanks a lot for your help. The Combofix log is attached. I don't know if you need this as well, but shortly after I started it, it told me that it had detected rootkit activity and asked me to write down the following: "Service: ACPIEC, Location: C\WINDOWS\system32\DRIVERS\ACPIEC.sys"

--John

Since I posted the last message, some new problems have occurred. First, I was pleasantly surprised to find that I was able to load the updates for Microsoft Security Essentials, which I was unable to do since the malware attack. After that I started running a fresh check with Malwarebytes. I was on-line on the Web at the time, but I certainly wasn't downloading any torrents or on any torrent sites. I got an alert from MSE which said that a trojan was attempting to infiltrate my system. It asked me if I wanted to clean it and of course I said yes, and it said it was able to get rid of it. Then, a few minutes later, I suddenly got the blue screen of death for no apparent reason and had to restart. Then I had the Microsoft Windows "The system has recovered from a serious error" pop-up on my screen, and I couldn't get it off my screen for some time, although it finally seems to have stopped reappearing. I don't know if this was a fresh infection or the result of the last one, but I thought I should describe it.

I'm sorry for being away for so long. I thought the problem was solved but today it re-emerged.

Earlier today I was infected by the Antivirus Action malware. I ran Malwarebytes and ran a full scan in Safe Mode. The first time it found and removed several infections. I ran it a second time and it found nothing. My system is greatly improved, but for some reason my Microsoft Security Essentials suite is switched off and I cannot get it to restart. In regular mode it is non-responsive, and even in Safe Mode I cannot switch it back on for monitoring (even though it will scan). I'm concerned that there may still be traces of the infection in my system. Thank you in advance.

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

I don't mean to be impatient but it's been a week and I was wondering if you'd had a chance to look at this yet. I'm still having a few weird problems, such as when I try to pull up a site through Google and I get redirected to other sites.

Dear Crunchie, I apologize for the delay. I hadn't realized that this thread had gone onto a second page and didn't see your reply until after you called my attention to it.

The first time I ran OTL Custom Fix, when it was done I tried to reboot but as soon as I touched the keyboard I got the "blue screen of death" instead, and didn't get a chance to save the log. I restarted my machine and it seemed to be OK after that. I ran the Custom Fix again and the log is below. I'm not sure but it may have happened because I forgot to close my browser until after I started the Fix. Here's the log that was generated during the second fix: